Vulnerabilities in maxfoundry
14 resultsCVE-2024-3581MEDIUMMaxGalleria <= 6.4.2 - Missing AuthorizationEPSS 0.6%CVE-2024-7857MEDIUMMedia Library Folders <= 8.2.2 - Authenticated (Subscriber+) Second-Order SQL InjectionEPSS 0.5%CVE-2024-6499MEDIUMWordPress Button Plugin MaxButtons <= 9.7.8 - Full Path DisclosureEPSS 0.4%CVE-2023-7029MEDIUMWordPress Button Plugin MaxButtons <= 9.7.6 - Authenticated(Contributor+) Stored Cross-Site Scripting via shortcodeEPSS 0.4%CVE-2024-3615MEDIUMMedia Library Folders <= 8.2.0 - Reflected Cross-Site Scripting via 's'EPSS 0.4%CVE-2024-9219MEDIUMWordPress Social Share Buttons <= 1.19 - Reflected Cross-Site ScriptingEPSS 0.4%CVE-2024-7858MEDIUMMedia Library Folders <= 8.2.3 - Missing Authorization on Various FunctionsEPSS 0.3%CVE-2023-6594MEDIUMWordPress Button Plugin MaxButtons <= 9.7.4 - Authenticated (Administrator+) Stored Cross-Site ScriptingEPSS 0.3%CVE-2025-0935MEDIUMMedia Library Folders <= 8.3.0 - Missing Authorization to Plugin Settings ChangeEPSS 0.3%CVE-2024-5970MEDIUMMaxGalleria <= 6.4.4 - Authenticated (Contributor+) Stored Cross-Site Scripting via maxgallery_thumb ShortcodeEPSS 0.3%CVE-2025-39444MEDIUMWordPress MaxButtons plugin <= 9.8.3 - Cross Site Scripting (XSS) vulnerabilityEPSS 0.2%CVE-2026-2312MEDIUMMedia Library Folders <= 8.3.6 - Insecure Direct Object Reference to Authenticated (Author+) Arbitrary Attachment Deletion and RenameEPSS 0.2%CVE-2021-47982MEDIUMWordPress Plugin WP-Paginate 2.1.3 Stored XSS via presetEPSS 0.2%CVE-2025-28933HIGHWordPress MaxA/B plugin <= 2.2.2 - CSRF to Stored XSS vulnerabilityEPSS 0.1%